33 matches found
EUVD-2024-49252
Malicious code in bioql PyPI...
CVE-2024-8544
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2021-24922
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks...
CVE-2021-24972
The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2024-8544
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-8544
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-8544 Pixel Cat – Conversion Pixel Manager <= 3.0.5 - Reflected Cross-Site Scripting
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-8544 Pixel Cat – Conversion Pixel Manager <= 3.0.5 - Reflected Cross-Site Scripting
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-8544
Pixel Cat – Conversion Pixel Manager for WordPress (versions
WordPress Pixel Cat plugin <= 3.0.5 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Pixel Cat versions = 3.0.5...
WordPress Pixel Cat Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Pixel Cat Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8544 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4e86320ad402 Credits vgo0 Required privilege...
PT-2024-39084 · WordPress · The Pixel Cat – Conversion Pixel Manager
Name of the Vulnerable Software and Affected Versions: The Pixel Cat – Conversion Pixel Manager plugin for WordPress versions up to, and including, 3.0.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject...
WordPress plugin Pixel Cat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Pixel Cat plugin cross-site request forgery vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. Pixel Cat Plugin is a WordPress open source application plugin. WordPress Pixel Cat Plugins has a cross-site reques...
CVE-2021-24922
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks...
CVE-2021-24972
The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24922
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks...
CVE-2021-24972
The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Cross site scripting
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks...
Cross site scripting
The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...